npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

openclaw-wasm-sandbox

v0.3.0

Published

Wasm Sandbox Plugin for OpenClaw

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

guyoungguyoung

Keywords

openclawopenclaw-pluginwasmwebassemblywasisandbox

Readme

openclaw-wasm-sandbox

Wasm Sandbox Plugin for OpenClaw

npm version npm downloads License

openclaw-wasm-sandbox is an OpenClaw plugin that provides a capability-based secure sandbox for running WebAssembly (WASM) components. Built on the WebAssembly Component Model and WASI (WebAssembly System Interface), it allows you to safely execute untrusted WASM code with granular control over file system access, network requests, environment variables, and computational resources.

⚠️ Prerequisites

  • WebAssembly Component — This plugin runs WASM Components (.wasm files built with the Component Model), not Core WebAssembly modules.
  • To convert a Core WASM module into a Component, use wasm-tools:
    wasm-tools component new input.wasm -o output.wasm

Features

  • 🔒 Capability-based Security — Fine-grained control over system resources
  • 📁 File System Isolation — Map specific host directories to guest paths
  • 🌐 Network Control — Allow or block network access by host pattern
  • ⏱️ Resource Limits — Timeout, memory, stack size, and execution fuel
  • 🔧 Environment Variables — Pass selective env vars to WASM components
  • 🖥️ HTTP Server Mode — Serve WASM components as web services

Installation

From ClawHub

openclaw plugins install clawhub:openclaw-wasm-sandbox

From npm

openclaw plugins install openclaw-wasm-sandbox

From Source

# Clone the repository
git clone https://github.com/your-repo/openclaw-wasm-sandbox.git
cd openclaw-wasm-sandbox

# Install dependencies
npm install

# Link or install
openclaw plugins install . --link    # Development (live reload)
# or
openclaw plugins install .           # Production (copy files)

Usage

CLI Commands

The plugin provides two subcommands under wasm-sandbox:

Run a WASM Component

openclaw wasm-sandbox run <file.wasm> [args...]

Example:

# Basic run
openclaw wasm-sandbox run ./hello.wasm

# With arguments
openclaw wasm-sandbox run ./hello.wasm arg1 arg2

# With environment variables
openclaw wasm-sandbox run ./hello.wasm --env FOO=bar --env BAZ=qux

# With directory mapping
openclaw wasm-sandbox run ./hello.wasm --map-dir ./data::/data

# With network restrictions (allow only github.com)
openclaw wasm-sandbox run ./hello.wasm --allowed-outbound-hosts https://github.com

# With resource limits
openclaw wasm-sandbox run ./hello.wasm \
  --wasm-timeout 30 \
  --wasm-max-memory-size 67108864 \
  --wasm-max-stack 1048576 \
  --wasm-fuel 1000000

Start HTTP Server from WASM Component

openclaw wasm-sandbox serve <file.wasm> [options]

Example:

# Basic server (defaults to localhost:8080)
openclaw wasm-sandbox serve ./server.wasm

# Custom IP and port
openclaw wasm-sandbox serve ./server.wasm -i 0.0.0.0 -p 3000

# With environment variables and directory mapping
openclaw wasm-sandbox serve ./server.wasm \
  --env NODE_ENV=production \
  --map-dir ./public::/public

# With WASI config variables
openclaw wasm-sandbox serve ./server.wasm \
  --config-var LOG_LEVEL=info \
  --keyvalue-var CACHE_TTL=3600

Available Options

Common Options (both run and serve)

| Option | Type | Description | |--------|------|-------------| | --work-dir <dir> | string | Grant access of a host directory to guest root dir | | --map-dir <mapping...> | string[] | Map host directory to guest path (host::guest format) | | --env <var...> | string[] | Pass environment variable (KEY=value format) | | --allowed-outbound-hosts <host...> | string[] | Allowed network destinations (supports wildcards) | | --block-networks <network...> | string[] | Blocked IP networks (use private for private ranges) | | --wasm-timeout <seconds> | number | Maximum execution time before timeout | | --wasm-max-memory-size <bytes> | number | Maximum linear memory size | | --wasm-max-stack <bytes> | number | Maximum stack size before overflow | | --wasm-fuel <units> | number | Execution fuel units (traps when exhausted) | | --wasm-cache-dir <dir> | string | Directory for precompiled .cwasm cache files |

run Exclusive Options

| Option | Type | Description | |--------|------|-------------| | --program-name <name> | string | Override argv[0] (executable name) | | --invoke <function> | string | Name of the exported function to invoke |

serve Exclusive Options

| Option | Type | Description | |--------|------|-------------| | -i, --ip <ip> | string | Socket IP to bind to | | -p, --port <port> | number | Socket port to bind to (0-65535) | | --config-var <var...> | string[] | WASI config variables (KEY=value) | | --keyvalue-var <var...> | string[] | In-memory key-value data (KEY=value) |

Agent Tools

The plugin also registers two tools for use by AI agents:

| Tool | Description | |------|-------------| | wasm-sandbox-run | Run a WebAssembly Component with configurable options | | wasm-sandbox-serve | Start an HTTP server from a WebAssembly Component |

Tools are registered as optional — agents can use them when needed.

Security Model

The plugin uses capability-based security:

  • No implicit access — WASM components have zero access by default
  • Explicit grants only — Access must be explicitly granted via options
  • Resource bounds — Memory, stack, fuel, and time limits enforce resource consumption
  • Network isolation — Outbound network access is denied by default, allowlist-based

Network Patterns

--allowed-outbound-hosts supports:

  • Exact hosts: https://api.github.com
  • Wildcard subdomains: https://*.github.com
  • Protocols: http://, https://

--block-networks supports:

  • IP networks: 1.1.1.1/32, 10.0.0.0/8
  • Special keywords: private (blocks RFC 1918 addresses)

Dependencies

License

MIT

Repository: https://github.com/guyoung/wasm-sandbox-node